- Collaboration Oriented Architecture
This is a term used in the areas of
information security ,IT security ,network security andcomputer security .Collaboration Oriented Architecture is a concept used to describe the design of a computer system that is designed to collaborate, or use services, from systems that are outside of your locus of control.Collaboration Oriented Architecture will often utilize
Service Oriented Architecture to deliver the technical framework.Collaboration Oriented Architecture is the ability to collaborate between systems that are based on the
Jericho Forum principles or “Commandments”. [Jericho Forum , "Commandments", [http://www.jerichoforum.org/commandments_v1.1.pdf Jericho Forum Commandments] , 2006.]Bill Gates and Craig Mundie (Microsoft) [ [http://www.microsoft.com/Presspass/exec/billg/speeches/2007/02-06RSA.mspx Bill Gates, Craig Mundie: RSA Conference 2007. Transcript of keynote discussion between Microsoft Chairman Bill Gates and Chief Research & Strategy] ] [ [http://www.microsoft.com/winme/0702/29377/RSA_mbr.asx Bill Gates Webcast, Bill Gates and Craig Mundie Keynote at RSA Conference 2007: Advancing Trust in Today’s Connected World] ] clearly articulated the need for people to work outside of their organizations in a secure and collaborative manner in their opening keynote to the RSA Security Conference in February 2007.
Successful implementation of a Collaboration Oriented Architecture implies the ability to successfully inter-work securely over the
Internet and will typically mean the resolution of the problems that come withde-perimeterisation .Origin of the term
The term Collaboration Oriented Architectures [https://www.opengroup.org/jericho/COA_v1.0.pdf] was defined and developed in a meeting of the
Jericho Forum at a meeting held at [http://www.hsbc.com HSBC] on the 6th July 2007.Definition of a Collaboration Oriented Architecture
The key elements that qualify a security architecture as a Collaboration Oriented Architecture are as follows;
* Protocol: Systems use appropriately secure protocols to communicate.
* Authentication: The protocol is authenticated with user and/or system credentials).
* Federation: User and/or systems credentials are accepted and validated by systems that are not under your (locus of) control.
* Network Agnostic: The design does not rely on a secure network, thus it will operate securely from an Intranet to raw-Internet
* Trust: The collaborating system have the capacity to be able to confirm to a specified degree of confidence that the components in a transaction chain have.
* Risk: The collaborating systems can make a risk assessment on any transaction based on the communicated levels of required trust, based on the required degree of identity, confidentiality, integrity, availability.Authentication in a Collaboration Oriented Architecture
Working in a collaborative multi-sourced environment implies the need for authentication, authorization and accountability which must interoperate / exchange outside of your locus / area of control. [ [http://www.jerichoforum.org/commandments_v1.1.pdf Jericho Forum Commandment #8 ] ]
* People/systems must be able to manage permissions of resources and rights of users they don't control
* There must be capability of trusting an organization, which can authenticate individuals or groups, thus eliminating the need to create separate identities
* In principle, only one instance of person / system / identity may exist, but privacy necessitates the support for multiple instances, or one instance with multiple facets, often referred to s personas
* Systems must be able to pass on security credentials /assertions
* Multiple loci (areas) of control must be supportedReferences
External links
* [http://www.jerichoforum.org http://www.jerichoforum.org]
* [http://www.osoa.org Open SOA Collaboration]
* [http://www.osoa.org/display/Main/Service+Component+Architecture+Specifications Service Component Architecture Specifications]
* [http://doi.ieeecomputersociety.org/10.1109/ECBS.2006.5 A collaboration-oriented software architecture modeling system]
* [http://www.ibm.com/systems/z/soa/ Enterprise collaboration with Service Oriented Architecture (SOA)]
* [http://whitepapers.silicon.com/0,39024759,60288728p-39000639q,00.htm Collaboration Services in a Services Oriented Architecture]
Wikimedia Foundation. 2010.